For a few days now, I got a 429 TooManyRequest error when signing my plugins. Could you communicate about that ? What is the maximum request per hour/day. Since when this security is on ?
Hi @younesguarssifi we are not open on sharing our internal rate limits because of security reasons but for a normal user, who probably requires a plugin signing from time to time should not be an issue at all
Are you facing this issue from your terminal or from CI? (e.g. github action).
Hello @academo,
I’m facing this issue from an azure pipeline. I may have around 20 plugins (panels and datasources) that I build and sign from time to time.
Any news on that ?
Hi @younesguarssifi can you give us some insights on how’s your pipeline working?
are you perhaps signing all of your plugins at the same time every time you push a commit to any of them?
It’s what we used to do yes, but now we only sign those which changed, but still I encounter the error. Also we had a script which runs on a docker container start, which signs the plugins with a specific domain.
Could you tell me what’s the philosophy behind this signature API limit ? What’s the right rate to sign private plugin from Grafana perspective ?
Hi @younesguarssifi once again we can’t reveal our rate limits, but I can assure you they are tailored to be more than enough for people signing their plugins in a normal scenario.
my advice is to stop signing your plugins on every build and instead only build them when you are intending to release. There’s no need to sign every commit (or merge to head). The problem comes from probably the pipeline too many times trying to verify the keys and signing in a short period of time.
Instead you can adjust your pipelines so the release and sign is only made when you intentionally merge to a release branch, or maybe when you create a git tag that starts with v (so you signal there’s a new version)